Nitpick: A counterexample generator for higher-order logic based on a relational model finder (Extended Abstract)
 IN TAP 2009: SHORT PAPERS, ETH
, 2009
Monotonicity Inference for Higher-Order Formulas
, 2010
Cited by 12 (9 self)
Abstract

Formulas are often monotonic in the sense that if the formula is satisfiable for given domains of discourse, it is also satisfiable for all larger domains. Monotonicity is undecidable in general, but we devised two calculi that infer it in many cases for higher-order logic. The stronger calculus has been implemented in Isabelle’s model finder Nitpick, where it is used to prune the search space, leading to dramatic speed improvements for formulas involving many atomic types.
Automatic Proof and Disproof in Isabelle/HOL
, 2011
Cited by 11 (0 self)
Abstract

Isabelle/HOL is a popular interactive theorem prover based on higher-order logic. It owes its success to its ease of use and powerful automation. Much of the automation is performed by external tools: The metaprover Sledgehammer relies on resolution provers and SMT solvers for its proof search, the counterexample generator Quickcheck uses the ML compiler as a fast evaluator for ground formulas, and its rival Nitpick is based on the model finder Kodkod, which performs a reduction to SAT. Together with the Isar structured proof format and a new asynchronous user interface, these tools have radically transformed the Isabelle user experience. This paper provides an overview of the main automatic proof and disproof tools.
Nitpicking C++ Concurrency
, 2011
Cited by 9 (4 self)
Abstract

Previous work formalized the C++ memory model in Isabelle/HOL in an effort to clarify the proposed standard’s semantics. Here we employ the model finder Nitpick to check litmus test programs that exercise the memory model, including a simple locking algorithm. Nitpick is built on Kodkod (Alloy’s backend) but understands Isabelle’s richer logic; hence it can be applied directly to the C++ memory model. We only need to give it a few hints, and thanks to the underlying SAT solver it scales much better than the CPPMEM explicit-state model checker. This case study inspired optimizations in Nitpick from which other formalizations can now benefit.
Integrating Testing and Interactive Theorem Proving
 In: ACL2 ’11: Proceedings of the ninth international workshop on the ACL2 theorem
Cited by 9 (2 self)
Abstract

Using an interactive theorem prover to reason about programs involves a sequence of interactions where the user challenges the theorem prover with conjectures. Invariably, many of the conjectures posed are in fact false, and users often spend considerable effort examining the theorem prover’s output before realizing this. We present a synergistic integration of testing with theorem proving, implemented in the ACL2 Sedan (ACL2s), for automatically generating concrete counterexamples. Our method uses the full power of the theorem prover and associated libraries to simplify conjectures; this simplification can transform conjectures for which finding counterexamples is hard into conjectures where finding counterexamples is trivial. In fact, our approach even leads to better theorem proving, e.g., if testing shows that a generalization step leads to a false conjecture, we force the theorem prover to backtrack, allowing it to pursue more fruitful options that may yield a proof. The focus of the paper is on the engineering of a synergistic integration of testing with interactive theorem proving; this includes extending ACL2 with new functionality that we expect to be of general interest. We also discuss our experience in using ACL2s to teach freshman students how to reason about their programs.
Embedding and automating conditional logics in classical higher-order logic
 Annals of Mathematics and Artificial Intelligence. In Print. DOI
, 2012
Cited by 7 (7 self)
Abstract

A sound and complete embedding of conditional logics into classical higher-order logic is presented. This embedding enables the application of off-the-shelf higher-order automated theorem provers and model finders for reasoning within and about conditional logics.
Verifying SAT and SMT in Coq for a fully automated decision procedure
 PSATTT'11: INTERNATIONAL WORKSHOP ON PROOF-SEARCH IN AXIOMATIC THEORIES AND TYPE THEORIES
, 2011
Cited by 6 (2 self)
Abstract

Enjoying the power of SAT and SMT solvers in the Coq proof assistant without compromising soundness requires more than a yes/no answer from them. SAT and SMT solvers should also return a proof witness that can be checked by an external tool. We propose a fully certified checker for such witnesses written in Coq. It can currently check witnesses from the SAT solvers ZChaff and MiniSat and from the SMT solver VeriT. Experiments highlight the efficiency of this checker. On top of it, new reflexive Coq tactics have been built that can decide a subset of Coq’s logic by calling external provers and carefully checking their answers.
Higher-order aspects and context in SUMO
 Journal of Web Semantics (Special Issue on Reasoning with context in the Semantic Web)
, 2012
Cited by 5 (3 self)
Abstract

This article addresses the automation of higher-order aspects in expressive ontologies such as the Suggested Upper Merged Ontology SUMO. Evidence is provided that modern higher-order automated theorem provers like LEO-II can be fruitfully employed for the task. A particular focus is on embedded formulas (formulas as terms), which are used in SUMO, for example, for modeling temporal, epistemic, or doxastic contexts. This modeling is partly in conflict with SUMO’s assumption of a bivalent, classical semantics and it may hence lead to counterintuitive reasoning results with automated theorem provers in practice. A solution is proposed that maps SUMO to quantified multimodal logic which is in turn modeled as a fragment of classical higher-order logic. This way automated higher-order theorem provers can be safely applied for reasoning about modal contexts in SUMO. Our findings are of wider relevance as they analogously apply to other expressive ontologies and knowledge representation formalisms.
A decision procedure for (co)datatypes in SMT solvers
, 2015
Cited by 1 (1 self)
Abstract

We present a decision procedure that combines reasoning about datatypes and codatatypes. The dual of the acyclicity rule for datatypes is a uniqueness rule that identifies observationally equal codatatype values, including cyclic values. The procedure decides universal problems and is composable via the Nelson–Oppen method. It has been implemented in CVC4, a state-of-the-art SMT solver. An evaluation based on problems generated from theories developed with Isabelle demonstrates the potential of the procedure.